Hi, all... While working on ftpd, I noticed there's some cruft in the
RFC that says that both outgoing and incoming data connections should
happen on the ftp_data port. We support this behaviour by using the
SO_REUSEADDR and SO_REUSEPORT socket options, but it probably hasn't
been lost on other people that there seems to be a race condition
involved in that... Two clients can send two servers PASV commands,
simultaneously, both servers will end up doing listen()s on the ftp_data
port, and the clients' connections could be accepted by the wrong
daemon.
I've been trying to come up with solutions to this problem... The only
one I've thought of that does what I want is a blocking listen() call,
that'll wait until no one else is listening on an address before
finishing the listen(). It would act like connect(), WRT blocking and
being able to select() on the descriptor. In the case of ftpd, the PASV
command wouldn't complete until the daemon is able to secure the address
to listen on, thus eliminating the race.
Does this sound like something we'd want? Should the blocking behaviour
be specified with a socket option, or should there be another system
call that can block? Is there another forum I should use to discuss
this?
Thanks in advance,
--aidan